I’ve heard and read a lot about Microsoft’s and Amazon’s cloud services, but never really had to look into them. On my previous job we only just have started using local provider’s cloud services and Azure was only on our minds. So, being a complete noob in this area i have decided to give it a try, especially as i have found out they have a temporary free tier or trial modes. I also needed to run a few tests on recent Windows Server versions for www.igniterealtime.org products (Openfire) and i didn’t want to pirate just to be able to install into my virtual machine. This won’t be a helpful read for seasoned cloud users, but might be insightful for those thinking to dip their toes into this. Especially on the “free” matter.
Amazon Web Services (AWS) was my first choice as this is still the most popular platform (with Azure getting more market share quickly).
- My first issue was with my account’s activation. For some reason Amazon’s activation system couldn’t reach my phone number (using Telia (largest telco and mobile provider here), though my number was at some point a pre-paid one). I had to create my first support case and eventually was able to activate my account via support chat after being sent a One Time Password code. In result my credit card has been charged with 1$ 3 times (all three attempts to activate). Well, not charged, only reserved to make sure my card is active. These 3 dollars came back after a few weeks.
- Have tried out setting up Virtual MFA with Google Authenticator app. Works ok, although you have to manually run the authenticator app and submit shown MFA code on the login page. But you can just have MFA enabled for this one AWS account. With Microsoft and Azure this is a bit different.
- Then i went into creating t2.micro instances of virtual machines, which is eligible for free tier (12 months). I have tried RedHat, Ubuntu Server, Windows Server 2016 and 2019. I thought maybe one has to have a Windows Server license to run a Windows instance, but no, it was still free.
- To get access to your instances i had to generate private and public keys in AWS. It is described well in the link “How to connect to my instance” after you create your first VM. Was using these keys to connect to Linux machines via SSH (PuTTY on Windows). Just had to convert the key into RSA format for PuTTY with PuTTYgen. So, for Linux machines you don’t have any user. Just login with your keys and then can install and run stuff via sudo command. For Windows instances i had to generate a Windows administrator password with the same keys. Then i used regular Remote Desktop to connect to them. Which was handy as i could just copy-paste files from my PC to instances.
- For the instances to be accessible from internet one has to create and manage security groups, which work like firewall rules. But you can assign one security group to many machines, which is convenient. Still, with Windows machines i had to create same rules in their internal firewalls. RedHat and Ubuntu Server instances seem not to have internal firewalls installed/running.
- When you shutdown an instance it loses its assigned public IP and gets new one when launched again. But there is such thing as Elastic IPs, which can help you get a permanent IP for your instance. And this is there some money charging can occur.
- I have read that Elastic IP is free until it is used and you are charged if it is not used, but still reserved for you. I was wondering if this cost also applies if the instance is turned off. It does 🙂 Well, i was only trying this for a day or so, so it was just a few cents that started to accumulate. I have then released my Elastic IP.
- Next thing that can generate a bill is going over the free tier limit. As i was only doing tests, i had my instances turned off most of the time. So i couldn’t reach the 750 hours limit per month for compute side. But i have created too many instances and received a forecast warning from AWS about the storage. Even after i have quickly removed some and then all instances and volumes it still accumulated a few more cents for a few days before stopping to count. This is still not exactly clear to me. I get that this is not charge for that moment, but a monthly fee. So if you go over a limit, it will charge you for the whole month, even if you go under the limit quickly after that. And i thought that the bill will keep growing till the end of the month. But it stopped after a few days. Maybe it calculates some average charge. Anyway, make sure not to go over 30 GB monthly limit. One instance usually takes 8-10 gigs at the start.
Microsoft Azure was my second option to test. I have used some Office 365/Microsoft 365 services in the past and know my way around Azure Portal somewhat. I also follow latest Microsoft news closely, so it was interesting to see how Azure services work.
- First i have registered an Azure account (used my personal Microsoft account for that instead of creating a new one). This time there were no troubles with activation or anything.
- As i have mentioned MFA works a bit differently with Microsoft. Of course, if you use your work account to access Azure, then you would use MFA provided by Azure AD Premium. But if you only try this with your personal MS account, then you will have to enable MFA for this account by going to https://account.microsoft.com, opening more security options and turning on the Two-step authentication. So, you can’t just enable MFA for Azure, you will enable it for your personal account. But it is a bit more flexible. You can either use the Microsoft Authenticator app or phone number or other email. This app is more convenient as it shows a popup automatically when you try to login with your MS account and you only have to press the Approve button after making sure the code shown in both places is the same.
- Azure gives you a 200$ credit for a month to try their services. Make sure to use it. As i only wanted to try the free tier i wasn’t paying attention to that credit and it expired (was testing AWS at that point and left Azure for later).
- Once your credit expires you have to upgrade your account to Pay-as-you-go, if you want to continue using it. That’s where the biggest catch is. Even though Microsoft is advertising 12 months of free usage of their paid services, they still include a support plan fee. I should have probably closed this account and started with a new one to get a 200$ credit again. But i decided to take a chance. I must say that MS is not super clear on this. Once you get an email about your credit expiration, you press on a link to upgrade your account. Then it takes you to Azure portal and shows you 3 support plan options. Cheapest one is Developer support, around 30 bucks per month. On the side they tell that you still won’t have to pay, if you use free services or trial paid services for 12 months. I can’t get to that page again, so can’t say you the exact wording. The closest i can find is this image. But it is a bit outdated, as in my case there were also prices shown. I can’t say now for sure if there was no option without a plan. Or maybe i was confused by that statement about it being still free. So i have selected the Developer plan and upgraded. For a few days billing showed nothing. But once i have created my first VM i was charged that support fee. Then i went into Account Center and have canceled this subscription. Maybe if i would do this immediately after upgrading, it wouldn’t charge me. That’s a costly lesson 🙂
- But that’s not all. Then i have noticed that it started to count a few cents per day towards my still active Pay-as-you-go subscription, which at the moment only had one Windows Server 2019 instance in offline state. When i was creating that VM on the last step it showed me the calculated price of 0,11 Eur per hour. But i assumed this should be free for 12 months anyway. I can’t figure out what i’m being charged for exactly. Cost analysis page is not giving me a clear information on that. And it kept counting even after stopping the machine. Anyway, i had to delete that instance and cancel the Pay-as-you-go subscription too to make it stop. Maybe it only shows the cost, but there won’t be an actual charge at the end of the month, but this is too confusing.
- Now, the technical part. This is very similar to AWS, although i prefer the more clean and modern look of Azure UI. You create an instance and go through pages selecting OS, resources, setting up admin password, network settings, etc. Then you can connect to it via SSH or RDP. Similar to AWS.
- Firewall behaves a bit differently. Though i’m sure you can have similar behavior to AWS Security Groups in Azure, but out of the box i had to set rules on the instance itself. And then again had to repeat same rules in internal firewall of Windows Server instance. I haven’t tried Linux instances though.
- There is no Elastic IP in Azure, you keep your public IP assigned to machine.
In conclusion, both services are similar. Azure looked more familiar and polished from the UI perspective. Out of the box security groups in AWS were more convenient to setup common rules for instances. Although it was also my fault for not reading up on that more and being naive, Azure also wasn’t clear enough about its costs and it didn’t felt truly free for 12 months as advertised with unexpected charges.